SDX: A Software Defined Internet Exchange

Transcription

1 SDX: A Software Defined Internet 2014 Laurent Vanbever Princeton University FGRE Workshop (Ghent, iminds) July,

2 The Internet is a network of networks, referred to as Autonomous Systems (AS) AS20 AS30 AS10 AS40 AS50

3 BGP is the routing protocol glueing the Internet together AS20 AS30 AS10 BGP sessions AS40 AS50

4 ASes exchange information about the IP prefixes they can reach AS /16 ETH/UNIZH Camp Net

5 ASes exchange information about the IP prefixes they can reach AS20 AS30 AS /16 Path: 40 AS40 AS /16 Path: /16 ETH/UNIZH Camp Net

6 Reachability information is propagated hop-by-hop AS20 AS30 AS10 AS40 AS /16 Path: /16 ETH/UNIZH Camp Net

7 Reachability information is propagated hop-by-hop AS /16 Path: AS10 AS /16 Path: AS50 AS /16 ETH/UNIZH Camp Net

8 Life of a BGP router is made of three consecutive steps while true: receives routes from my neighbors select one best route for each prefix export the best route to my neighbors

9 Each AS can apply local routing policies Each AS is free to select and use any path preferably, the cheapest one

10 always prefer Deutsche Telekom routes over AT&T /16 Path: /16 Path:

11 IP traffic always prefer Deutsche Telekom routes over AT&T

12 Each AS can apply local routing policies Each AS is free to select and use any path preferably, the cheapest one decide which path to export (if any) to which neighbor preferably none, to minimize carried traffic

13 do not export ETH routes to AT&T /16 Path: 40

14 do not export ETH routes to AT&T

15 BGP is notoriously inflexible and difficult to manage

16 BGP is notoriously inflexible and difficult to manage Fwd paradigm Fwd control Fwd influence

17 BGP is notoriously inflexible and difficult to manage BGP Fwd paradigm destination-based Fwd control indirect configuration Fwd influence local BGP session

18 SDN can enable fine-grained, flexible and direct expression of interdomain policies BGP SDN Fwd paradigm destination-based any source addr, ports, VLAN, Fwd control indirect configuration direct open API (e.g., OpenFlow) Fwd influence local BGP session global remote controller control

19 How do you deploy SDN in a network composed of 50,000 subnetworks?

20 How do you deploy SDN in a network composed of 50,000 subnetworks? Well, you don t

21 Instead, you aim at finding locations where deploying SDN can have the most impact

22 Instead, you aim at finding locations where deploying SDN can have the most impact Deploy SDN in locations that connect a large number of networks carry a large amount of traffic are opened to innovation

23 Internet exchange Points (IXP) meet all the criteria Deploy SDN in locations that AMS-IX connect a large number of networks carry a large amount of traffic are opened to innovation 670 networks 2.9 Tb/s (peak) BGP Route Server Mobile peering Open peering

24 A single deployment can have a large impact Deploy SDN in locations that AMS-IX connect a large number of networks carry a large amount of traffic are opened to innovation 670 networks 2.9 Tb/s (peak) BGP Route Server Mobile peering Open peering

25 SDX = SDN + IXP

26 SDX = SDN + IXP Augment the IXP data-plane with SDN capabilities keeping default forwarding and routing behavior Enable fine-grained inter domain policies bringing new features while simplifying operations

27 SDX = SDN + IXP Augment the IXP data-plane with SDN capabilities keeping default forwarding and routing behavior Enable fine-grained inter domain policies bringing new features while simplifying operations with scalability and correctness in mind supporting the load of a large IXP and resolving conflicts

28 SDX enables a wide range of novel applications security Prevent/block policy violation Prevent participants communication Upstream blocking of DoS attacks forwarding optimization Middlebox traffic steering Traffic offloading Inbound Traffic Engineering Fast convergence peering Application-specific peering remote-control Influence BGP path selection Wide-area load balancing

29 SDX: A Software Defined Internet Exchange 1 Architecture programming model 2 Scalability control- & data-plane 3 Applications inter domain bonanza

30 SDX: A Software Defined Internet Exchange 1 Architecture programming model Scalability control- & data-plane Applications inter domain bonanza

31 An IXP is a large layer-2 domain where participant routers exchange routes using BGP Participant #1 Edge router Participant #2 IXP Switching Fabric Participant #3

32 An IXP is a large layer-2 domain where participant routers exchange routes using BGP Participant #1 ebgp sessions Participant #2 ebgp routes Participant #3

33 To alleviate the need of establishing ebgp sessions, IXP often provides a Route Server (route multiplexer) Participant # / /8 Participant #2 Router Server /8 Participant #3

34 IP traffic is exchanged directly between participants IXP is forwarding transparent Participant #1 IP traffic Participant #2 Router Server Participant #3

35 With respect to a traditional IXP, SDX data-plane relies on SDN-capable devices Participant #1 Participant #2 Router Server Participant #3

36 With respect to a traditional IXP, SDX s data-plane relies on SDN-capable devices Participant #1 SDN Participant #2 Router Server Participant #3

37 With respect to a traditional IXP, SDX s control-plane relies on a SDN controller Participant #1 BGP sessions Participant #2 SDN controller also a Route Server Participant #3

38 SDX participants express their forwarding policies in a high-level language built on top of Pyretic (*) (*)

39 SDX policies are composed of a pattern and some actions match ( Pattern ), then ( Actions )

40 Pattern selects packets based on any header fields while Actions forward or modify the selected packets Pattern eth_type vlan_id srcmac match ( dstmac, &&, ), then ( Actions ) protocol dstip tos srcip srcport dstport

41 Pattern selects packets based on any header fields, while actions forward or modify the selected packets Actions drop match ( Pattern ), then ( forward ) rewrite

42 Each participant writes policies independently and transmits them to the controller Participant #2 policy match(dstport=80), fwd(#3) match(dstport=22), fwd(#1) Participant #1 SDN controller Participant #3 policy match(srcip=0*), fwd(left) match(srcip=1*), fwd(right)

43 Given the participant policies, the controller compiles them to SDN forwarding rules Participant #2 policy match(dstport=80), fwd(#3) match(dstport=22), fwd(#1) Participant #1 forwarding entries SDN SDN controller Participant #3 policy match(srcip=0*), fwd(left) match(srcip=1*), fwd(right)

44 Given the participant policies, the controller compiles them to SDN forwarding rules Ensuring isolation Resolving policies conflict Ensuring compatibility with BGP

45 Given the participant policies, the controller compiles them to SDN forwarding rules Ensuring isolation Each participant controls one virtual switch connected to participants it can communicate with Resolving policies conflict Ensuring compatibility with BGP

46 Given the participant policies, the controller compiles them to SDN forwarding rules Ensuring isolation Resolving policies conflict Participant policies are sequentially composed in an order that respects business relationships Ensuring compatibility with BGP

47 Given the participant policies, the controller compiles them to SDN forwarding rules Ensuring isolation Resolving policies conflict Ensuring compatibility with BGP policies are augmented with BGP information guaranteed correctness and reachability

48 SDX: A Software Defined Internet Exchange Architecture programming model 2 Scalability control- & data-plane Applications inter domain bonanza

49 The SDX platform faces scalability challenges in both the data- and in the control-plane data-plane space control-plane time

50 data-plane space control-plane time 500,000 prefixes, 500+ participants, potentially billions of forwarding rules 100s of policies that have to be updated dynamically according to BGP

51 To scale, the SDX platform leverages domain-specific knowledge data-plane space control-plane time leverage existing routing platform leverage inherent policy structure

52 data-plane space control-plane time leverage existing routing platform

53 The edge routers, sitting next to the fabric, are tailored to match on numerous IP prefixes not FIB-constrained FIB constrained Edge router SDN switch

54 We consider routers FIB as the first stage of a multi-stage FIB IXP fabric Table #1 Table #2 Edge router SDN switch

55 Routers FIB match on the destination prefix and set a tag accordingly set a TAG based on IP Table #1 Table #2 Edge router SDN switch

56 The SDN FIB matches on the tag, not on the IP prefixes set a TAG based on IP match TAG Table #1 Table #2 Edge router SDN switch

57 How do we provision tag entries in a router, and what are these tags? set a TAG based on IP match TAG Table #1 Table #2 Edge router SDN switch

58 We use BGP as a provisioning interface and BGP next-hops as labels forward to BGP NH match on BGP NH p1 p2 p3 p4 p5 BGP router fwd(1) fwd(2) fwd(3) fwd(4) virtual switch

59 All prefixes sharing the same forwarding behavior are grouped together using the same BGP next-hop p1 p2 p3 p4 p5 BGP router fwd(1) fwd(2) fwd(3) fwd(4) virtual switch

60 The SDX data-plane maintains one forwarding entry per prefix-group p1 p2 p3 p4 p5 BGP router fwd(1) fwd(2) fwd(3) fwd(4) virtual switch

61 Data-plane utilization is reduced considerably as there are way more prefixes than prefixes groups # prefixes >> #prefixes groups p1 p2 p3 p4 p5 BGP router fwd(1) fwd(2) fwd(3) fwd(4) virtual switch

62 By leveraging BGP, the SDX can accommodate policies for hundreds of participants with less than 30k rules

63 data-plane space control-plane time leverage inherent policy structure

64 SDX policies exacerbate key characteristics that enable to speed-up compilation time considerably Policies are often disjoint Policy updates are local Policy updates are bursty

65 SDX policies exacerbate key characteristics that enable to speed-up compilation time considerably Policies are often disjoint disjoint policy do not have to be composed together significant gain as composing policies is time consuming Policy updates are local Policy updates are bursty

66 SDX policies exacerbate key characteristics that enable to speed-up compilation time considerably Policies are often disjoint Policy updates are local Policy updates usually impact a few prefix-groups 75% of the updates affect no more than 3 prefixes Policy updates are bursty

67 SDX policies exacerbate key characteristics that enable to speed-up compilation time considerably Policies are often disjoint Policy updates are local Policy updates are bursty policy changes are separated of large periode of inactivity 75% of the time, inter-arrival time between updates is at least 10s

68 The SDX controller adopts a two-staged compilation algorithm Fast, but non-optimal algorithm upon updates can create more rules than required Slow, but optimal algorithm in background recompute prefix groups Time vs Space trade-off

69 In most cases, the SDX takes <100 ms to recompute the global policy upon a BGP event

70 Novel Applications for a SDN-enabled Internet exchange Point Architecture programming model Scalability control- & data-plane 3 Applications inter domain bonanza

71 SDX enables a wide range of novel applications security Prevent/block policy violation Prevent participants communication Upstream blocking of DoS attacks forwarding optimization Middlebox traffic steering Traffic offloading Inbound Traffic Engineering Fast convergence peering Application-specific peering remote-control Influence BGP path selection Wide-area load balancing

72 SDX enables a wide range of novel applications security Prevent/block policy violation Prevent participants communication Upstream blocking of DoS attacks forwarding optimization Middlebox traffic steering Traffic offloading Inbound Traffic Engineering Fast convergence peering Application-specific peering remote-control Influence BGP path selection Wide-area load balancing

73 SDX can improve inbound traffic engineering

74 Given an IXP Physical Topology and a BGP topology, implement B s inbound policies AS B / / / /24 AS A AS C

75 Given an IXP Physical Topology and a BGP topology, Implement B s inbound policies B s inbound policies / /24 to from receive on AS B /24 A left /24 C right /24 ATT_IP right /24 * right /24 * left AS A AS C

76 Given an IXP Physical Topology and a BGP topology, How do you that with BGP? B s inbound policies / /24 to from receive on AS B /24 A left /24 C right /24 ATT_IP right /24 * right /24 * left AS A AS C

77 It is hard BGP provides few knobs to influence remote decisions Implementing such a policy is configuration-intensive using AS-Path prepend, MED, community tagging, etc.

78 It is hard and even impossible for some requirements BGP policies cannot influence remote decisions based on source addresses to from receive on /24 ATT_IP right

79 It is hard... In any case, the outcome is unpredictable Implementing such a policy is configuration-intensive using AS-Path prepend, MED, community tagging, etc. There is no guarantee that remote parties will comply one can only influence remote decisions Networks engineers have no choice but to try and see which makes it impossible to adapt to traffic pattern

80 With SDX, implement B s inbound policy is easy SDX policies give any participant direct control on its forwarding paths to from fwd B s SDX Policy /24 A /24 B /24 ATT_IP left right right match(dstip= /24, srcmac=a), fwd(l) match(dstip= /24, srcmac=b), fwd(r) match(dstip= /24, srcip=att), fwd(r) /24 * right match(dstip= /24), fwd(r) /24 * left match(dstip= /24), fwd(l)

81 SDX enables a wide range of novel applications security Prevent/block policy violation Prevent participants communication Upstream blocking of DoS attacks forwarding optimization Middlebox traffic steering Traffic offloading Inbound Traffic Engineering Fast convergence peering Application-specific peering remote-control Influence BGP path selection Wide-area load balancing

82 SDX enables a wide range of novel applications security Prevent/block policy violation Prevent participants communication Upstream blocking of DoS attacks forwarding optimization Middlebox traffic steering Traffic offloading Inbound Traffic Engineering Fast convergence peering Application-specific peering remote-control Influence BGP path selection Wide-area load balancing

83 SDX can help in blocking DDoS attacks closer to the source AS13 AS1 SDX#A SDX#B AS7

84 AS7 is victim of a DDoS attack originated from AS13 Attacker AS13 AS1 SDX#A SDX#B AS7 Victim

85 AS7 can remotely install drop() rule in the SDX platforms Attacker AS13 AS1 SDX#A SDX#B AS7 Victim

86 match(srcip=attacker/24, dstip=victim/32) >> drop()

87 SDX: A Software Defined Internet Exchange Architecture programming model Scalability control- & data-plane Applications inter domain bonanza

88 Our SDX platform can serve as skeleton for a SDX ecosystem We have running code (*) with full BGP integration, check out our tutorial We are in the process of having a first deployment ColoATL, planned deployment with GENI Many interested parties already important potential for impact (*)

89 Demonstration

90

91

92 BGP picked routes

93 port:4321 port:80 + default port:4322

94 SDX: A Software Defined Internet Exchange Laurent Vanbever FGRE Workshop (Ghent, iminds) July,